Code reviews, collaboration and the SSSD 1.5.0 release

Yesterday, the SSSD team hit a major milestone: we released SSSD 1.5.0. This is probably the largest release we’ve done since 1.0, with over 150 commits. With several new features, particularly related to access control, we’ve worked closely with our users to ensure that 1.5.0 is the release most attuned to their real-world needs. As I’ve mentioned in the past, SSSD relies on a very stringent code-review process for its development. Nothing makes it into the codebase without the close inspection and testing of one of the other developers. Simo Sorce, one of the original designers and developers of the System Security Services Daemon, wrote an excellent blog post on how this review policy has enabled us to write very secure code.

One of the major changes we made to our process in SSSD 1.5.0 is that we started using the Coverity Integrity Manager as part of our continuous-integration environment. By running these scans on the full codebase regularly (twice a day), we were able to keep ahead of common coding mistakes such as resource leaks or missing NULL checks. While this scanning did reveal several legitimate bugs in the SSSD, it also revealed that we had been doing an exceptional job of avoiding serious bugs in the code. For a detailed analysis of our Coverity results, see Simo’s blog post.

So, what have we learned from the SSSD 1.5.0 cycle? First, there is no substitute for feedback from real-world users of your project. By maintaining our relationship with our most vocal users, I think we’ve achieved some truly great things. Secondly, when developing a security product, there’s no such thing as too many eyes on the code, be they other developers, users or automated scanning technologies.
